With the rise in cyberattacks and increasing insider threats, the risk of serious industrial cyber incidents from IoT and OT infrastructure has also risen significantly. Industrial companies that invested significantly in OT infrastructure have also turned into prime targets for ransomware and sophisticated attacks. Such attacks can lead to an erosion of revenue, invested capital, data, and credibility. The loss of production windows and the destabilization of production schedules will continue to impact bottom lines for months, if not years.
Thus, closing digital transformation gaps is now more essential than ever. Even a single exposed threat surface in your infrastructure can be detrimental to your overall security posture.
Digital transformation and security gaps
Digital transformation, driven by data harvesting and the integration of assets and networks, is opening up new threat surfaces and latent gaps. These gaps serve as attack pathways that are linked through cloud and application services, supply chains, remote workforce, and untested IoT devices. When exploited by a sophisticated hacker, such vulnerabilities that extend into critical control systems can derail even the most mature first response plan, as the hacker moves laterally in the system, disrupting operations while covering new ground and exploiting new gaps.
A traditional IT-focused approach to digital transformation security has proven to be the bane of many industries and security teams. Most IoT and OT systems lack advanced capabilities and often operate in alignment with last year’s threat environment. With the proliferation of sophisticated threat actors, mature cybersecurity programs based on threat anticipation and response are no longer a matter of choice.
Most of the IoT and OT cybersecurity programs run by businesses lack the active defenses, skilled workforce, and tools needed to detect and address multiple vulnerabilities. The number of businesses that have a roadmap in place, with investments and management buy-in for a significant improvement in security posture, is even smaller.
Most businesses lack the resources and expertise to execute secure deployment of innovative digital transformation efforts. Sometimes such programs consume more budget than allocated, and teams often try to cut corners by downgrading the original security program in terms of measures and tools to save money.
More access, less security
There is a demand from multiple stakeholders for direct access to infrastructure components, including safety and instrumentation systems (SIS), core engineering systems, and cloud-based data analytics systems. Third-party vendors often ask for network access to service remote hardware, and predictive maintenance systems share data with multiple vendors in some instances. In many parts of the Middle East, such as the United Arab Emirates and Saudi Arabia, we have seen drones being used for surveilling remote locations. Such drones are often connected to multiple networks, each of which could serve as an entry point for complex malware or multi-payload droppers.
Digital transformation relies on improving operational transparency, overall efficiency, effectiveness, productivity, and process consistency. To attain these goals, security configurations are often overlooked or de-prioritized. In a Sectrio survey conducted between April and May 2022, over 80 percent of CISOs admitted to lacking the desired level of visibility into their operations. In the Middle East, CISOs also spoke about using systems that were not hardened from a security standpoint and were thus liable to be exploited by threat actors.
Such gaps increase the risk of disruptive cyber incidents that can impact safety, infrastructure integrity, and business continuity.